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CLAIMS: 



1 . Method of creating a control point (30) associated with a user in a computing 

environment having a networking connectivity model and comprising the steps of: 

generating a control point identity for the user based on a public key 
associated with the user, (step 46), 
5 - providing at least basic control point functionalities, (step 48), and 

storing the control point identity and the functionalities as a control point (30), 
(step 50), such that the user can operate any device (38) he is allowed to in the computing 
environment from any physical entity (12, 18, 20, 22) where the control point is enabled. 

1 0 2. Method according to claim 1 , wherein the control point is stored on a server 

that an entity through which a user can access a device can reach. 

3. Method according to claim 1, wherein the control point is stored on a smart 
card (16) of the user. 

15 

4. Method according to claim 1, wherein a replica of the control point is stored in 
each device the user can be allowed to control. 

5. Method according to claim 1, wherein the connectivity model is Universal 
20 Plug and Play. 

6. Method of accessing services provided by a device (38) in a computing 
environment having a networking connectivity model and comprising the steps of: 

identifying a user wanting to access services at a point of access (12) for the 
25 user to the computing environment by using a control point identifier, (step 52), 

determining if there is a control point (30) associated with the user existing at 
the point of access, (step 54), 

copying, if there is no such control point at the point of access, the control 
point to the point of access, (step 56), 
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activating the control point, (step 58), and 

connecting the control point with a device (38), (step 64), such that the user 
can access services from the device in dependence of the rights granted to him. 

5 7. Method according to claim 6, wherein the step of identifying comprises 

performing authentication of the user using the public key and a secret key of the user. 

8. Method according to claim 6, wherein the step of copying comprises copying 
the control point from a known user control point store. 

10 

9. Method according to claim 6, further comprising the steps of: 
registering the control point (30) at a security console (36) using the control 

point identifier, (step 60), and 

granting permission to the control point regarding at least one device (38) 
15 from the security console, (step 62), such that a user can access services of the device via the 
control point. 

10. Method according to claim 9, wherein the step of granting permission • 
comprises storing the control point identifier in an action control list associated with the 

20 device in question. 

1 1 . Method according to claim 9, wherein the step of granting permission 
comprises providing the control point with a ticket to be used for accessing services of the 
device. 

25 

12. Method according to claim 9, further comprising the step of accessing the 
services using access rights provided by a security console (36). 

13. Apparatus (12) for creating a control point (30) associated with a user in a 
30 computing environment having a networking connectivity model and arranged to: 

generate a control point identity for the user based on a public key associated 

with the user, 

provide at least basic control point functionalities, and 
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store the control point identity and the functionalities as a control point (30) 
such that the user can operate any device he is allowed to in the computing environment from 
any physical entity where the control point is enabled. 

5 14. Apparatus (12) for accessing services provided by a device (38) in a 

computing environment having a networking connectivity model and arranged to: 

identify a user wanting to access services at a point of access (12) for the user 
to the computing environment by using a control point identifier, 

determine if there is a control point (30) associated with the user existing at 
1 0 the point of access, 

copy, if there is no such control point at the point of access, the control point 
to the point of access, 

activate the control point, and 

connect the control point with a device (38), such that the user can access 
15 services from the device in dependence of the rights granted to him. 

15. Network of computing devices using a networking connectivity model and 

comprising: 

an apparatus (12) for creating a control point (30) associated with a user and 

20 arranged to: 

- generate a control point identity for the user based on a public key associated 

with the user, 

- provide at least basic control point functionalities, and 

- store the control point identity and the functionalities as a control point (30) 
25 such that the user can operate any device (38) he is allowed to in the computing environment 

from any physical entity (12, 18, 20, 22) where the control point is enabled, and 

an apparatus (12) for accessing services provided by a device and arranged to: 

- identify a user wanting to access services at a point of access (12) for the 
user to the computing environment by using a control point identifier, 

30 - determine if there is a control point associated with the user existing at the 

point of access, 

- copy, if there is no such control point at the point of access, the control point 
to the point of access, 

- activate the control point, and 
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- connect the control point with a device (38), such that the user can access 
services from the device in dependence of the rights granted to him. 

16. Computer program product (66) for creating a control point associated with a 
5 user in a computing environment having a networking connectivity model, comprising a 

computer readable medium having thereon: 

computer program code means, to make the computer execute, when said 
program is loaded in the computer: 

- generate a control point identity for the user based on a public key associated 

10 with the user, 

- provide at least basic control point functionalities, and 

- store the control point identity and the functionalities as a control point such 
that the user can operate any device he is allowed to in the computing environment from any 
physical entity where the control point is enabled. 

15 

17. Computer program product (66) for accessing services provided by a device in 
a computing environment having a networking connectivity model, comprising a computer 
readable medium having thereon: 

computer program code means, to make the computer execute, when said 
20 program is loaded in the computer: 

- identify a user wanting to access services at a point of access for the user to 
the computing environment by using a control point identifier, 

- determine if there is a control point associated with the user existing at the 
point of access, 

25 - copy, if there is no such control point at the point of access, the control point 

to the point of access, 

- activate the control point, and 

- connect the control point with a device, such that the user can access services 
from the device in dependence of the rights granted to him. 

30 

18. Computer program element for creating a control point associated with a user 
in a computing environment having a networking connectivity model, said computer program 
element comprising: 
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computer program code means, to make the computer execute, when said 
program element is loaded in the computer: 

- generate a control point identity for the user based on a public key associated 

with the user, 

- provide at least basic control point functionalities, and 

- store the control point identity and the functionalities as a control point such 
that the user can operate any device he is allowed to in the computing environment from any 
physical entity where the control point is enabled. 

10 19. Computer program element for accessing services provided by a device in a 

computing environment having a networking connectivity model: 

computer program code means, to make the computer execute, when said 
program element is loaded in the computer: 

- identify a user wanting to access services at a point of access for the user to 
1 5 the computing environment by using a control point identifier, 

: - determine if there is a control point associated with the user existing at the 
point of access, 

- copy, if there is no such control point at the point of access, the control point 
to the point of access, 

20 - activate the control point, and 

- connect the control point with a device, such that the user can access services 
from the device in dependence of the rights granted to him. 



5 



